Fing

Privacy Policy

EP01 – Fing Privacy Policy Version: 1.3 – 2018 08 02

1. THE FING PRIVACY POLICY

Fing (“we”, “our”, or “us”), are part of a group of companies whose main legal entity is Fing Limited (collectively, “Fing”). We will collect and use information obtained via the Fing Mobile Application (the “App”) and our hardware addon Fingbox (altogether the Fing” Services”) as described in this policy. In doing so, we are committed to protecting and respecting your privacy and personal data, in accordance with applicable data protection and privacy rules. We do not sell or rent your personally identifiable information to any third party. In this Policy, Personal Data means information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, and online identifier or to one or more factors specific to his/her physical, physiological, genetic, mental, economic, cultural or social identity. The use of information collected through our Services shall be limited to the purpose of providing the Service for which you have signed up. This policy explains how we use information we collect when you visit the App or use the Fingbox and, together with our Terms & Conditions and any other documents referred to on it, sets out the basis on which any information we obtain about you, or through the use of our App will be processed by us. Please read this policy carefully to understand our views and practices regarding your information and how we will treat it. By creating a Fing account on our App or installing our Fingbox you are accepting and consenting to the practices described in this policy.

2. NOTICE OF PRIVACY SAFEGUARDS SPECIFIC TO OUR SERVICES

Fing basic app: As an unregistered Fing basic service user, we will not collect any Personal Data from you such as your name, email address, or other contact information. We will collect the originating Public IP address and the MAC addresses of the devices you submit to us for the purpose of device recognition, in order to match your device with a corresponding device type, brand, and model. We will not require you to create an account or provide any personal data such as name, email address, or other contact information. Thus, when this Privacy Policy refers to data collection, use, and sharing practices below (Section II), the description of these practices refers to the basic data sets described in this Section for Fing basic app users with device recognition and the other data sets described in Section 3 will not apply. You also can turn off device recognition at any time.

Fing SDK: As a developer using the SDK version of the app, you can embed our scanning device recognition technology in your software applications or physical products. This product uses the originating IP address and MAC addresses for device recognition purposes. The Privacy Policy terms below (Section II) for Fing SDK users describes our practices related to the data sets described in this Section and the other data sets described in Section 3 will not apply.

Fing account holders and Fingbox users: If you register an account with Fing, or if you are a user of Fingbox we will ask for your name, email address, location and a password. This information will be combined with technical information about your device and other information we may collect about you or your use of the services, and we will handle all such Personal Data as described in section 3 below. For all of these services, we reserve the right to combine information we collect from you with information we may receive from third parties. We will use and share all such information in accordance with Section II.

3. DETAILS ABOUT OUR PRACTICES

This privacy policy is composed of the following sections:

I. Information we may collect from you

II. How we may use your information

III. Legal basis for processing Personal Data of EEA users

IV. Disclosure of your information

V. Where and how we store and process your personal data

VI. For how long do we store your personal data

VII. Your rights

VIII. Access to information

IX. Changes to our privacy policy

X. Comments and questions on the privacy policy

As described in Section 2 above, please note that some of the information, collection, use, disclosure, and storage practices described below may not apply depending on the type Fing services you use.

I. Information we may collect from you

We may collect and process the following data about you:

• Information you give us. You may give us information about you by filling in forms on the App or by corresponding with us by e-mail or otherwise. This includes information you provide when you register to use the App, subscribe to our service, search for networks using our service, sync to the cloud, and when you report a problem with the App. The information you give us may include your name, address, e-mail address and geo-location. We may ask for and may collect personal information from you when you submit web forms on our Website or App or as you use interactive features of the Websites, including, participation in surveys, requesting customer support, or otherwise communicating with us.

• Information we may collect about you.

We give you as much control as possible over your information. In general, you can visit the App without telling us who you are or revealing any information about yourself. However, depending on the service you use, we may automatically collect the following information via the App or the Box, if present:

o Technical information, including the IP address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, type of device;

o Information on MAC addresses and Wi-Fi networks you collect through the App or the Box. Please note that this Privacy Policy does not exempt you from any obligations you may incur should you collect other individuals’ personal data.

o Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); Networks viewed or searched for; app response times, download errors, length of visits to certain pages, app interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the App.

• Information we may receive from other sources.

We may receive information about you if you use any other services we provide. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical and delivery services, advertising networks, analytics providers, search information providers) and may receive information about you from them.

II. How we may use your information.

To the extent we have collected or you have provided us information, and consistent with Section I above, we may use information in the following ways:

Information you give to us. We will use this information: o to provide you with the services you have subscribed for;
o to respond to any enquiries or requests for information you may have sent to us; o to notify you about changes to the App;
o to send you information about our products and services unless you unsubscribe to such communications;
o to ensure that content from the App is presented in the most effective manner for you and for your device.
• Information we collect about you. We will use this information: o to administer the App and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

to improve the App to ensure that content is presented in the most effective manner for you and for your device; o to allow you to participate in interactive features of our service, when you choose to do so;
as part of our efforts to keep the App safe and secure;
to share the information with our trusted partners, where applicable, for the provision of our services; trusted partners are for example our cloud service provider or the service provider we use for sending out our own newsletter.
to measure or understand the effectiveness of advertising we may serve to you and others, and to deliver relevant communication to you within the Fing Application;
to make suggestions and recommendations to you and other users of the App about goods or services that may interest you or them; and for behavioural analysis; and o in anonymous (i.e. de-identified) format for analytical, statistical and business purposes. We may for example publish reports on the adoption of certain connected devices in different regions in the world, or provide you with statistics of how your network speed or performance compares to other users in your area.

Information we receive from other sources. We may combine this information with information you give to us and information we collect about you through other sources e.g. Google Ads/ Analytics. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).

III. Legal basis for processing Personal Data of EEA users.

If you are a Data Subject resident in the European Economic Area (EEA), our legal basis for collecting and using your Personal Data will depend on the information concerned and the specific context in which we collect it. However, we will collect personal information from you only where: (a) we have your consent to do so, (b) where we need the personal information to perform a contract with you (e.g. to deliver the Services you have requested), or (c) where the processing is in our or a third party’s legitimate interests (and not overridden by your data protection interests or fundamental rights and freedoms). In some cases, we may also have a legal obligation to collect personal information from you, or may otherwise need the personal information to protect your vital interests or those of another person. Where we rely on your consent to process the personal information, you have the right to withdraw or decline your consent at any time. Please note that this does not affect the lawfulness of the processing based on consent before its withdrawal. If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our (or a third party’s) legitimate interests which are not already described in this Notice, we will make clear to you at the relevant time what those legitimate interests are.

IV. Disclosure of your information.

To the extent we have collected or you have provided us information, and consistent with Section I above, we may share your information with any member of our group, which means our ultimate holding company and its subsidiaries (as defined in section 1159 of the UK Companies Act 2006). We may share your information with selected third parties including:

• Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.

• Analytics and search engine providers that assist us in the improvement and optimisation of the App.

• In the event that we sell or buy any business or assets, in which case we may disclose your data to the prospective seller or buyer of such business or assets.

• If we are under a duty to disclose or share your data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Use and other agreements; or to protect the rights, property, or safety of Fing, our customers, or others. This includes, where relevant, exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

V. Where and how we store and process your personal data Fing is a global business.

To offer a consistent service to you we manage the App from servers provided by a third party cloud service provider that are located in Ireland and Germany. The data that we collect from you may be transferred to, and stored to these servers. It may also be processed by staff operating in other countries within the European Economic Area, who work for the company or for one of our suppliers. To provide you with the Services when you are on the go, we may need to store, process and transmit information in locations around the world from where you are accessing our services– including those outside your country. Those countries may not provide the same level of protection for your data as your home country, and may be available to the governments or agencies under a lawful order of those countries. Where this is the case, we will use reasonable efforts to try to ensure that your data is protected in accordance with this privacy policy. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and applicable privacy laws. Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to the App. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. As per the organizational duties introduced by the General Data Protection Regulation (“GDPR”), we commit to report personal data breaches to the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, also those individuals will be informed without undue delay. For any questions about the security of your personal information, you can contact us at privacy@fing.io.

VI. For how long do we store your personal data

Fing stores your data on its cloud servers for as long as you remain a Fing user in order to provide you with Fing services and products and for legal compliance purposes. You can delete your personal data at any time by terminating your account or by writing to us at privacy@fing.io We may retain de-identified data indefinitely.

VII. Your rights At Fing we take our users’ rights into the highest regard.

For this purpose, we align ourselves to the most advanced privacy regulations available. When in it comes to your Personal Data, we recognize, and commit to respect and enforce, the following rights:

1. The right to be informed: upon request we will provide you with information about whether we hold or process any of your personal information. To request this information please contact us at privacy@fing.io.

2. The right of access: as a user of our Services, you may access your personal data, at any time, by logging into the Fing App and accessing the following section: https://app.fing.io/app#user:account you may also email us at privacy@fing.io.

3. The right to rectification: as a user of our Services, you may access and update or change your Account Information by editing them yourself from your profile area of the Fing App. For any further information, or if you encounter any difficulty in accessing your data you can email us at privacy@fing.io.

4. The right to erasure: If you no longer wish to make us of our Services, you my erase your personal data from the Account area of the Fing App. You may also exercise this right by making a request, in accordance with Data Protection Laws, by emailing privacy@fing.io.

5. The right to restrict or object processing: You retain the right to request us to refrain from or restrict our processing of your data for the purposes of marketing. To exercise such right, you may click the “unsubscribe” link in any email from us, update your preferences in your account, or contact us via email at privacy@fing.io.

6. The right to data portability: You retain at all times the right to to exercise your right of having your Personal Data exported and transferred – in a safe way – to another provider of Services similar to ours. You may exercise this right by making a request, in accordance with Data Protection Laws, by emailing privacy@fing.io. Any request related to your rights above, will be handled within thirty (30) days from the moment we receive such request. In case you deem your rights to have been violated, or if you are dissatisfied with the way your requests were handled, you can lodge a complaint with the Irish data protection regulator, the Irish Data Protection Commissioner (https://www.dataprotection.ie).

VIII. Children’s Information

The Fing Services are not directed to, nor do we knowingly collect personal information from, children under the age of 16. If you become aware that your child or any child under your care has provided us with information without your consent, please contact us at privacy@fing.io.

IX. Links to third party websites

The App may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these apps or websites, please note that these have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check the policies before you submit any data to these apps or websites.

4. CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our privacy policy in the future will be notified vie the App and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

5. HOW TO CONTACT US

If you have questions or comments about this Privacy Policy, you can contact our Data Protection Officer, Pietro Pollichieni, at privacy@fing.io or write at our main office at 1st Floor Minerva House, Simmonscourt Road, Dublin 4, Ireland.